package org.surfnet.oaaas.selenium;

import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.junit.Test;
import org.openqa.selenium.WebDriver;
import org.surfnet.oaaas.auth.OAuth2Validator;
import org.surfnet.oaaas.model.AccessTokenResponse;
import java.io.InputStream;
import static org.junit.Assert.*;

/**
 * Test refresh token flow
 */
public class RefreshTokenTestIT extends SeleniumSupport {

  private String clientId = "it-test-client-no-consent-refresh";
  private String secret = "somesecret2";

  @Test
  public void refreshCode() throws Exception {
    /*
     * First do a normal authorization and obtain a AccessToken (with refreshToken) 
     */
    String accessTokenRedirectUri = startAuthorizationCallbackServer(clientId, secret);

    WebDriver webdriver = getWebDriver();
    webdriver.manage().deleteAllCookies();

    String responseType = "code";
    String url = String.format("%s/oauth2/authorize?response_type=%s&client_id=%s&scope=read&redirect_uri=%s",
            baseUrl(), responseType, clientId, accessTokenRedirectUri);
    webdriver.get(url);

    /*
     * Consent is not necessary for this Client
     */
    login(webdriver, false);

    // get token response
    String tokenResponse = getAuthorizationCodeRequestHandler().getTokenResponseBlocking();
	System.out.println("tokenResponse:" + tokenResponse);
	
    AccessTokenResponse accessTokenResponse = getMapper().readValue(tokenResponse, AccessTokenResponse.class);

    assertTrue(StringUtils.isNotBlank(accessTokenResponse.getAccessToken()));
    assertTrue(StringUtils.isNotBlank(accessTokenResponse.getRefreshToken()));
    assertTrue(StringUtils.isNotBlank(accessTokenResponse.getScope()));
    assertTrue(StringUtils.isNotBlank(accessTokenResponse.getTokenType()));
    assertTrue(accessTokenResponse.getExpiresIn() > 0);

    String tokenUrl = String.format("%s/oauth2/token", baseUrl());

    final HttpPost tokenRequest = new HttpPost(tokenUrl);
    
    /*
     * Now make a request for a new AccessToken based on the refreshToken
     */
    String postBody = String.format("grant_type=%s&refresh_token=%s&state=%s",
            OAuth2Validator.GRANT_TYPE_REFRESH_TOKEN, accessTokenResponse.getRefreshToken(), "dummy");

    tokenRequest.setEntity(new ByteArrayEntity(postBody.getBytes()));
    tokenRequest.addHeader("Authorization", AuthorizationCodeTestIT.authorizationBasic(clientId, secret));

    tokenRequest.addHeader("Content-Type", "application/x-www-form-urlencoded");

    HttpResponse tokenHttpResponse = new DefaultHttpClient().execute(tokenRequest);
    final InputStream responseContent = tokenHttpResponse.getEntity().getContent();
    String responseAsString = IOUtils.toString(responseContent);
	System.out.println("responseAsString:" + responseAsString);
	
    AccessTokenResponse refreshTokenResponse = getMapper().readValue(responseAsString, AccessTokenResponse.class);

    assertTrue(StringUtils.isNotBlank(refreshTokenResponse.getAccessToken()));
    assertTrue(StringUtils.isNotBlank(refreshTokenResponse.getRefreshToken()));
    assertTrue(StringUtils.isNotBlank(refreshTokenResponse.getScope()));
    assertTrue(StringUtils.isNotBlank(refreshTokenResponse.getTokenType()));
    assertTrue(accessTokenResponse.getExpiresIn() > 0);

    assertNotSame(refreshTokenResponse.getAccessToken(), accessTokenResponse.getAccessToken());
    assertNotSame(refreshTokenResponse.getRefreshToken(), accessTokenResponse.getRefreshToken());
    assertEquals(refreshTokenResponse.getScope(), accessTokenResponse.getScope());
    assertEquals(refreshTokenResponse.getExpiresIn(), accessTokenResponse.getExpiresIn());
  }
}
